You can't sign in to Skype for Business or Lync clients on devices that don’t support Server Name Indication (SNI)
Note This issue currently occurs on Polycom CX phone devices and some Lync Phone Edition devices.
- Run the following command on the ADFS servers: The application ID and certificate hash is returned in the output. The website URL is also reported. If there's more than one website configured on the server, search for the website URL first, and then obtain the corresponding application ID and certificate hash.
netsh http show sslcert
- Run the following commands in the same window:Notes
netshHTTPadd SSLCert IPPORT=0.0.0.0:443 certhash=certhash appid=appid
- Replace the IP address in this command (0.0.0.0) with the IP address that you want to specify. Also replace the port value with the specific port that's configured for the website. This is typically 443 for ADFS 3.0. For most customers, binding the SSL certificate to all IP addresses is recommended.
- The appid value must include the braces.
- You have a Windows Server 2012 R2-based server that has ADFS 3.0 installed.
- There's a new Server Name Indication (SNI) feature in ADFS 3.0, but some platforms don't support this yet. Support for SNI depends on the device's operating system in question. Although the clients themselves support this new feature, the device platform may not.
Note If you need help configuring ADFS 3.0, we recommend that you contact ADFS 3.0 technical support. We also recommended that you run the most recent versions of the ADFS 3.0 components.
Third-party information disclaimer
Still need help? Go to the Office 365 Community website.
Id. de artículo: 2973873 - Última revisión: 05/31/2016 19:08:00 - Revisión: 4.0
- o365 o365e o365p o365a o365m o365022013 kb3rdparty KB2973873